Changes in Default Behavior in Windows Server 2003
What are the changes in default behavior in Windows Server 2003?
The Windows security initiative, launched in the spring of 2002, has the goal of further strengthening the security of Windows operating systems for servers. During the early phases of this initiative, the Windows Server team examined the entire Windows Server 2003 code base, developed threat models to uncover security weaknesses in the product, and created design changes to mitigate those threats.
In the time between the release of Windows 2000 Server and the release of Windows Server 2003, numerous design changes were made to the product as a result of the Windows security initiative. Some of these design changes represent changes to the default configuration of a newly created or upgraded server.
Traditionally, each new Windows server operating system release is designed with default configuration settings that support the protocols, services, and applications currently running on the previous releases, without requiring these protocols, services, and applications to be reconfigured.
As part of the security initiative, Microsoft has chosen to change this policy so that the server product is secure “out of the box.” Administrators who reconfigure their server configurations to restore previous defaults should consider whether these changes enhance or reduce the security of their servers and network.
A high-level overview of design changes that were made to the Microsoft Windows Server 2003 family of operating systems. This document can assist developers and IT professionals who migrate their servers to Windows Server 2003 or developers who create or modify applications and scripts to run on Windows Server 2003. This document is intended to help this audience understand why the design changes were made, the implications of the changes, and any options that can be used to revert to the previous default settings, if desired.
You may also want to read: